From be05f1a8a62ec96a26c4b11912f45ce038c0cda0 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Wed, 29 May 2024 00:40:45 +0000 Subject: [PATCH] fix: computeengine/package.json & computeengine/yarn.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-IP-7148531 --- computeengine/package.json | 2 +- computeengine/yarn.lock | 92 ++------------------------------------ 2 files changed, 5 insertions(+), 89 deletions(-) diff --git a/computeengine/package.json b/computeengine/package.json index c8e6ee6194..de8cf65573 100644 --- a/computeengine/package.json +++ b/computeengine/package.json @@ -11,7 +11,7 @@ "dependencies": { "@google-cloud/compute": "0.5.0", "googleapis": "16.1.0", - "nodemailer": "2.7.0", + "nodemailer": "4.0.1", "nodemailer-smtp-transport": "2.7.2", "sendgrid": "4.7.1" } diff --git a/computeengine/yarn.lock b/computeengine/yarn.lock index 4611b0389a..2ebc917190 100644 --- a/computeengine/yarn.lock +++ b/computeengine/yarn.lock @@ -40,10 +40,6 @@ is "^3.0.1" string-format-obj "^1.0.0" -addressparser@1.0.1: - version "1.0.1" - resolved "https://registry.yarnpkg.com/addressparser/-/addressparser-1.0.1.tgz#47afbe1a2a9262191db6838e4fd1d39b40821746" - ansi-regex@^2.0.0: version "2.0.0" resolved "https://registry.yarnpkg.com/ansi-regex/-/ansi-regex-2.0.0.tgz#c5061b6e0ef8a81775e50f5d66151bf6bf371107" @@ -201,18 +197,6 @@ buffer-shims@^1.0.0: version "1.0.0" resolved "https://registry.yarnpkg.com/buffer-shims/-/buffer-shims-1.0.0.tgz#9978ce317388c649ad8793028c3477ef044a8b51" -buildmail@4.0.0: - version "4.0.0" - resolved "https://registry.yarnpkg.com/buildmail/-/buildmail-4.0.0.tgz#73a2ce3492e53417f306fc1be324bef44a3c4ea7" - dependencies: - addressparser "1.0.1" - libbase64 "0.1.0" - libmime "3.0.0" - libqp "1.1.0" - nodemailer-fetch "1.6.0" - nodemailer-shared "1.1.0" - punycode "^2.0.1" - camelcase-keys@^1.0.0: version "1.0.0" resolved "https://registry.yarnpkg.com/camelcase-keys/-/camelcase-keys-1.0.0.tgz#bd1a11bf9b31a1ce493493a930de1a0baf4ad7ec" @@ -548,10 +532,6 @@ httpreq@>=0.4.22: version "0.4.22" resolved "https://registry.yarnpkg.com/httpreq/-/httpreq-0.4.22.tgz#27097c8ad95ea9679190530c9c0f66b8c7aafb18" -iconv-lite@0.4.15: - version "0.4.15" - resolved "https://registry.yarnpkg.com/iconv-lite/-/iconv-lite-0.4.15.tgz#fe265a218ac6a57cfe854927e9d04c19825eddeb" - indent-string@^1.1.0: version "1.2.2" resolved "https://registry.yarnpkg.com/indent-string/-/indent-string-1.2.2.tgz#db99bcc583eb6abbb1e48dcbb1999a986041cb6b" @@ -564,10 +544,6 @@ inherits@^2.0.1, inherits@^2.0.3, inherits@~2.0.1: version "2.0.3" resolved "https://registry.yarnpkg.com/inherits/-/inherits-2.0.3.tgz#633c2c83e3da42a502f52466022480f4208261de" -ip@^1.1.2: - version "1.1.4" - resolved "https://registry.yarnpkg.com/ip/-/ip-1.1.4.tgz#de8247ffef940451832550fba284945e6e039bfb" - is-arrayish@^0.2.1: version "0.2.1" resolved "https://registry.yarnpkg.com/is-arrayish/-/is-arrayish-0.2.1.tgz#77c99840527aa8ecb1a8ba697b80645a7a926a9d" @@ -693,22 +669,6 @@ jws@~3.0.0: base64url "~1.0.4" jwa "~1.0.0" -libbase64@0.1.0: - version "0.1.0" - resolved "https://registry.yarnpkg.com/libbase64/-/libbase64-0.1.0.tgz#62351a839563ac5ff5bd26f12f60e9830bb751e6" - -libmime@3.0.0: - version "3.0.0" - resolved "https://registry.yarnpkg.com/libmime/-/libmime-3.0.0.tgz#51a1a9e7448ecbd32cda54421675bb21bc093da6" - dependencies: - iconv-lite "0.4.15" - libbase64 "0.1.0" - libqp "1.1.0" - -libqp@1.1.0: - version "1.1.0" - resolved "https://registry.yarnpkg.com/libqp/-/libqp-1.1.0.tgz#f5e6e06ad74b794fb5b5b66988bf728ef1dedbe8" - lodash.chunk@^4.2.0: version "4.2.0" resolved "https://registry.yarnpkg.com/lodash.chunk/-/lodash.chunk-4.2.0.tgz#66e5ce1f76ed27b4303d8c6512e8d1216e8106bc" @@ -729,13 +689,6 @@ lowercase-keys@^1.0.0: version "1.0.0" resolved "https://registry.yarnpkg.com/lowercase-keys/-/lowercase-keys-1.0.0.tgz#4e3366b39e7f5457e35f1324bdf6f88d0bfc7306" -mailcomposer@4.0.0: - version "4.0.0" - resolved "https://registry.yarnpkg.com/mailcomposer/-/mailcomposer-4.0.0.tgz#109b2c344331cbe57fa05a82e92d0c0f17752893" - dependencies: - buildmail "4.0.0" - libmime "3.0.0" - map-obj@^1.0.0: version "1.0.1" resolved "https://registry.yarnpkg.com/map-obj/-/map-obj-1.0.1.tgz#d933ceb9205d82bdcf4886f6742bdc2b4dea146d" @@ -791,13 +744,6 @@ node-uuid@~1.4.7: version "1.4.7" resolved "https://registry.yarnpkg.com/node-uuid/-/node-uuid-1.4.7.tgz#6da5a17668c4b3dd59623bda11cf7fa4c1f60a6f" -nodemailer-direct-transport@3.3.2: - version "3.3.2" - resolved "https://registry.yarnpkg.com/nodemailer-direct-transport/-/nodemailer-direct-transport-3.3.2.tgz#e96fafb90358560947e569017d97e60738a50a86" - dependencies: - nodemailer-shared "1.1.0" - smtp-connection "2.12.0" - nodemailer-fetch@1.6.0: version "1.6.0" resolved "https://registry.yarnpkg.com/nodemailer-fetch/-/nodemailer-fetch-1.6.0.tgz#79c4908a1c0f5f375b73fe888da9828f6dc963a4" @@ -808,14 +754,6 @@ nodemailer-shared@1.1.0: dependencies: nodemailer-fetch "1.6.0" -nodemailer-smtp-pool@2.8.2: - version "2.8.2" - resolved "https://registry.yarnpkg.com/nodemailer-smtp-pool/-/nodemailer-smtp-pool-2.8.2.tgz#2eb94d6cf85780b1b4725ce853b9cbd5e8da8c72" - dependencies: - nodemailer-shared "1.1.0" - nodemailer-wellknown "0.1.10" - smtp-connection "2.12.0" - nodemailer-smtp-transport@2.7.2: version "2.7.2" resolved "https://registry.yarnpkg.com/nodemailer-smtp-transport/-/nodemailer-smtp-transport-2.7.2.tgz#03d71c76314f14ac7dbc7bf033a6a6d16d67fb77" @@ -828,17 +766,10 @@ nodemailer-wellknown@0.1.10: version "0.1.10" resolved "https://registry.yarnpkg.com/nodemailer-wellknown/-/nodemailer-wellknown-0.1.10.tgz#586db8101db30cb4438eb546737a41aad0cf13d5" -nodemailer@2.7.0: - version "2.7.0" - resolved "https://registry.yarnpkg.com/nodemailer/-/nodemailer-2.7.0.tgz#d68f1d6c0c7a65fc7abbc3c0f02016183012a36b" - dependencies: - libmime "3.0.0" - mailcomposer "4.0.0" - nodemailer-direct-transport "3.3.2" - nodemailer-shared "1.1.0" - nodemailer-smtp-pool "2.8.2" - nodemailer-smtp-transport "2.7.2" - socks "1.1.9" +nodemailer@4.0.1: + version "4.0.1" + resolved "https://registry.yarnpkg.com/nodemailer/-/nodemailer-4.0.1.tgz#b95864b07facee8287e8232effd6f1d56ec75ab2" + integrity sha512-CVY7O+5/AEJ9NCWDUWAp1MlQMT/8xRtZmK+H/7O0G70+6oKkfc7pt8mWN3+Ju/9lS/9itL27gUmD5J45rvxktw== number-is-nan@^1.0.0: version "1.0.1" @@ -900,10 +831,6 @@ punycode@^1.4.1: version "1.4.1" resolved "https://registry.yarnpkg.com/punycode/-/punycode-1.4.1.tgz#c0d5a63b2718800ad8e1eb0fa5269c84dd41845e" -punycode@^2.0.1: - version "2.1.0" - resolved "https://registry.yarnpkg.com/punycode/-/punycode-2.1.0.tgz#5f863edc89b96db09074bad7947bf09056ca4e7d" - qs@~6.2.0: version "6.2.1" resolved "https://registry.yarnpkg.com/qs/-/qs-6.2.1.tgz#ce03c5ff0935bc1d9d69a9f14cbd18e568d67625" @@ -1059,10 +986,6 @@ sendgrid@4.7.1: lodash.chunk "^4.2.0" sendgrid-rest "^2.3.0" -smart-buffer@^1.0.4: - version "1.0.11" - resolved "https://registry.yarnpkg.com/smart-buffer/-/smart-buffer-1.0.11.tgz#3050337098a8e4cdf0350fef63dd146049ff940a" - smtp-connection@2.12.0: version "2.12.0" resolved "https://registry.yarnpkg.com/smtp-connection/-/smtp-connection-2.12.0.tgz#d76ef9127cb23c2259edb1e8349c2e8d5e2d74c1" @@ -1076,13 +999,6 @@ sntp@1.x.x: dependencies: hoek "2.x.x" -socks@1.1.9: - version "1.1.9" - resolved "https://registry.yarnpkg.com/socks/-/socks-1.1.9.tgz#628d7e4d04912435445ac0b6e459376cb3e6d691" - dependencies: - ip "^1.1.2" - smart-buffer "^1.0.4" - split-array-stream@^1.0.0: version "1.0.0" resolved "https://registry.yarnpkg.com/split-array-stream/-/split-array-stream-1.0.0.tgz#d5e4ffacd306161d69ed5252ff56d57e7762eaa2"